public ProcessedRequest Process(ProcessedRequest request)
{
var me = UserRepository.Find(request.UserId);
var entityGuid = _forcedGuid ?? request.GetRequestStr(_entityGuidParam);
if (!EntityUtils.IsEntityExists(entityGuid, _entityType))
{
request.AddError(new HttpError(HttpStatusCode.NotFound, $"Target {_entityType} doesn't exist"));
}
if (!PermissionUtils.HasEntityPermission(me, entityGuid, _entityType))
{
request.AddError(
new HttpError(HttpStatusCode.Forbidden, "You don't have write permissions for this " + _entityType)
);
}
return(request);
}
public ProcessedRequest Process(ProcessedRequest request)
{
var scheduleToken = AppConfig.GetConfiguration("auth:schedule:token");
if (
string.IsNullOrEmpty(scheduleToken) || scheduleToken != request.GetRequestStr("schedule_token")
)
{
request.AddError(new HttpError(HttpStatusCode.Unauthorized, "Schedule token is invalid"));
}
return(request);
}
public ProcessedRequest Process(ProcessedRequest request)
{
var userId = Jwt.GetUserIdFromToken((string)request.Request.Query["api_token"] ?? "");
if (userId == 0)
{
request.AddError(
new HttpError(HttpStatusCode.Unauthorized, "Invalid api_token")
);
}
request.UserId = userId;
return(request);
}
public static ProcessedRequest ProcessAll(Request request, IMiddleware[] middleware, IValidatorRule[] rules)
{
var processed = new ProcessedRequest(request);
foreach (var mid in middleware)
{
mid.Process(processed);
if (processed.HasErrors())
{
return(processed);
}
}
foreach (var rule in rules)
{
var result = rule.Process(processed.Request);
if (result != null)
{
processed.AddError(result);
}
}
return(processed);
}